Novell adds auditing to Nsure

Provo, Utah-based Novell Inc. expanded its Nsure identity management solutions last month with Nsure Audit – secure logging and auditing software.

The offering, part of the Nsure suite of services and products, allows businesses to track and monitor security-related activity in internal systems and applications. Administrators can obtain copies of log-in transactions to ensure users within the company are following corporate and governmental policies.

“As a consequence of growth in the identity management area, government regulations and corporate policies have increased awareness of these tools and (organizations) will use them as an audit perspective, not to necessarily be draconian but (to) be able to trap events in real-time as they occur,” said Markam, Ont.-based Ross Chevalier, director of technology and solutions architecture for Novell Canada. “In the event that something does go wrong, [administrators] will be able to report it.”

Auditing has been a burgeoning area over the last few years, as companies look for non-intrusive ways – separate from traditional administrator access – to provide audit reporting, Chevalier said.

“This allows organizations to have a fast, accurate and legally permissible methodology to track when things go out of skew. So [administrators] are not managing every event, but have a set of rules and policies that are encoded into an enterprise directory. When something occurs out of band, [they] have a simple way to track that and take action.”

This type of auditing capability is not common across the identity management industry, but vendors are starting to address customer demand, said Gerry Gebel, analyst with Burton Group in Midvale, Utah.

“Security officers are under pressure to actually demonstrate compliance,” Gebel said. “Signing some kind of declaration is not enough. You have to come up with the proof that the right people have access to the right data, that illegal activity is not taking place, or that you can show proper handling of records and data, depending on your industry and kinds of regulations to have.”

Gebel said there is a need to bring various forms of log information together in one format for analysis, especially as applications continue to change so dramatically over time, which is why auditing in identity management has been such an active market segment. Other companies in the space include IBM Corp. and Computer Associates Inc.

Novell also released a software developer kit (SDK) to go along with Nsure Audit to create custom tools for monitoring and responding to activity in the audited system, Chevalier said. “A lot of raw data has been in log files for along time. Manipulating that data without simple tools takes a specific skill-set.”

Keeping in tune with the identity management theme, Novell also announced the general availability of a Security Assertion Markup Language (SAML) extension for iChain. This enables customers to pass user attributes among sites securely and map security assertions to individual user identities, Novell said.